| <?xml version='1.0'?> <!--*-nxml-*--> |
| <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
| "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
| |
| <!-- |
| This file is part of systemd. |
| |
| Copyright 2014 Zbigniew Jędrzejewski-Szmek |
| |
| systemd is free software; you can redistribute it and/or modify it |
| under the terms of the GNU Lesser General Public License as published by |
| the Free Software Foundation; either version 2.1 of the License, or |
| (at your option) any later version. |
| |
| systemd is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| Lesser General Public License for more details. |
| |
| You should have received a copy of the GNU Lesser General Public License |
| along with systemd; If not, see <http://www.gnu.org/licenses/>. |
| --> |
| |
| <refentry id="sd_bus_creds_get_pid" conditional="ENABLE_KDBUS"> |
| |
| <refentryinfo> |
| <title>sd_bus_creds_get_pid</title> |
| <productname>systemd</productname> |
| |
| <authorgroup> |
| <author> |
| <contrib>A monkey with a typewriter</contrib> |
| <firstname>Zbigniew</firstname> |
| <surname>Jędrzejewski-Szmek</surname> |
| <email>zbyszek@in.waw.pl</email> |
| </author> |
| </authorgroup> |
| </refentryinfo> |
| |
| <refmeta> |
| <refentrytitle>sd_bus_creds_get_pid</refentrytitle> |
| <manvolnum>3</manvolnum> |
| </refmeta> |
| |
| <refnamediv> |
| <refname>sd_bus_creds_get_pid</refname> |
| <refname>sd_bus_creds_get_pid_starttime</refname> |
| <refname>sd_bus_creds_get_tid</refname> |
| <refname>sd_bus_creds_get_uid</refname> |
| <refname>sd_bus_creds_get_gid</refname> |
| <refname>sd_bus_creds_get_comm</refname> |
| <refname>sd_bus_creds_get_tid_comm</refname> |
| <refname>sd_bus_creds_get_exe</refname> |
| <refname>sd_bus_creds_get_cmdline</refname> |
| <refname>sd_bus_creds_get_cgroup</refname> |
| <refname>sd_bus_creds_get_unit</refname> |
| <refname>sd_bus_creds_get_user_unit</refname> |
| <refname>sd_bus_creds_get_slice</refname> |
| <refname>sd_bus_creds_get_session</refname> |
| <refname>sd_bus_creds_get_owner_uid</refname> |
| <refname>sd_bus_creds_has_effective_cap</refname> |
| <refname>sd_bus_creds_has_permitted_cap</refname> |
| <refname>sd_bus_creds_has_inheritable_cap</refname> |
| <refname>sd_bus_creds_has_bounding_cap</refname> |
| <refname>sd_bus_creds_get_selinux_context</refname> |
| <refname>sd_bus_creds_get_audit_session_id</refname> |
| <refname>sd_bus_creds_get_audit_login_uid</refname> |
| <refname>sd_bus_creds_get_unique_name</refname> |
| <refname>sd_bus_creds_get_well_known_names</refname> |
| |
| <refpurpose>Retrieve fields from a credentials object</refpurpose> |
| </refnamediv> |
| |
| <refsynopsisdiv> |
| <funcsynopsis> |
| <funcsynopsisinfo>#include <systemd/sd-bus.h></funcsynopsisinfo> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_pid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>pid_t *<parameter>pid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_pid_starttime</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>uint64_t *<parameter>usec</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_tid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>pid_t *<parameter>tid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_pid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_gid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>gid_t *<parameter>gid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_comm</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>comm</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_tid_comm</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>comm</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_exe</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>exe</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_cmdline</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>char ***<parameter>cmdline</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_cgroup</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>cgroup</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_unit</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>unit</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_user_unit</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>unit</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_slice</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>slice</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_session</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>slice</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_owner_uid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_has_effective_cap</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>int <parameter>capability</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_has_permitted_cap</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>int <parameter>capability</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_has_inheritable_cap</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>int <parameter>capability</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_has_bounding_cap</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>int <parameter>capability</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_selinux_context</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>context</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_audit_session_id</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>uint32_t *<parameter>sessionid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_audit_login_uid</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>uid_t *<parameter>loginuid</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_unique_name</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>const char **<parameter>name</parameter></paramdef> |
| </funcprototype> |
| |
| <funcprototype> |
| <funcdef>int <function>sd_bus_creds_get_well_known_names</function></funcdef> |
| <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
| <paramdef>char ***<parameter>name</parameter></paramdef> |
| </funcprototype> |
| |
| </funcsynopsis> |
| </refsynopsisdiv> |
| |
| <refsect1> |
| <title>Description</title> |
| |
| <para>These functions return information from an |
| <parameter>sd_bus_creds</parameter> object. It may be created with |
| <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
| in which case it will describe the specified process, or it may be |
| created by |
| <citerefentry><refentrytitle>sd_bus_get_peer_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
| in which case it will describe the process at the other endpoint |
| of a connection. |
| </para> |
| |
| <para><function>sd_bus_creds_get_pid</function> will retrieve the |
| PID (process identifier).</para> |
| |
| <para><function>sd_bus_creds_get_pid_starttime</function> will |
| retrieve the time since the start of the epoch in microseconds |
| since the process was started.</para> |
| |
| <para><function>sd_bus_creds_get_tid</function> will retrieve the |
| TID (thread identifier).</para> |
| |
| <para><function>sd_bus_creds_get_uid</function> will retrieve the |
| numeric UID (user identifier).</para> |
| |
| <para><function>sd_bus_creds_get_gid</function> will retrieve the |
| numeric GID (group identifier).</para> |
| |
| <para><function>sd_bus_creds_get_comm</function> will retrieve the |
| comm field (truncated name of the executable, as stored in |
| <filename>/proc/<replaceable>pid</replaceable>/comm</filename>). |
| </para> |
| |
| <para><function>sd_bus_creds_get_tid_comm</function> will retrieve |
| the comm field of the thread (as stored in |
| <filename>/proc/<replaceable>pid</replaceable>/task/<replaceable>tid</replaceable>/comm</filename>). |
| </para> |
| |
| <para><function>sd_bus_creds_get_exe</function> will retrieve the |
| path to the program (as stored in the |
| <filename>/proc/<replaceable>pid</replaceable>/exe</filename> |
| link, but with <literal> (deleted)</literal> suffix removed). |
| </para> |
| |
| <para><function>sd_bus_creds_get_cmdline</function> will retrieve |
| an array of command-line arguments (as stored in |
| <filename>/proc/<replaceable>pid</replaceable>/cmdline</filename>). |
| </para> |
| |
| <para><function>sd_bus_creds_get_cgroup</function> will retrieve |
| the cgroup path. See <ulink |
| url="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>. |
| </para> |
| |
| <para><function>sd_bus_creds_get_unit</function> will retrieve the |
| systemd unit name (in the system instance of systemd) that the |
| process is part of. See |
| <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
| </para> |
| |
| <para><function>sd_bus_creds_get_user_unit</function> will |
| retrieve the systemd unit name (in the user instance of systemd) |
| that the process is part of. See |
| <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
| </para> |
| |
| <para><function>sd_bus_creds_get_slice</function> will retrieve |
| the systemd slice (a unit in the system instance of systemd) that |
| the process is part of. See |
| <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
| </para> |
| |
| <para><function>sd_bus_creds_get_session</function> will retrieve |
| the logind session that the process is part of. See |
| <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. |
| </para> |
| |
| <para><function>sd_bus_creds_get_owner_uid</function> will retrieve |
| the numeric UID (user identifier) of the user who owns the slice |
| that the process is part of. See |
| <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry> |
| <!-- and |
| <citerefentry><refentrytitle>systemd-user-sessions.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> -->. |
| </para> |
| |
| <para><function>sd_bus_creds_has_effective_cap</function> will |
| check whether the capability specified by |
| <parameter>capability</parameter> was set in the effective |
| capabilities mask. A positive return value means that is was |
| set, zero means that it was not set, and a negative return |
| value signifies an error. See |
| <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> |
| and <varname>Capabilities=</varname> and |
| <varname>CapabilityBoundingSet=</varname> settings in |
| <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
| </para> |
| |
| <para><function>sd_bus_creds_has_permitted_cap</function> is |
| similar to <function>sd_bus_creds_has_effective_cap</function>, |
| but will check the permitted capabilities mask.</para> |
| |
| <para><function>sd_bus_creds_has_inheritable_cap</function> is |
| similar to <function>sd_bus_creds_has_effective_cap</function>, |
| but will check the inheritable capabilities mask.</para> |
| |
| <para><function>sd_bus_creds_has_bounding_cap</function> is |
| similar to <function>sd_bus_creds_has_effective_cap</function>, |
| but will check the bounding capabilities mask.</para> |
| |
| <para><function>sd_bus_creds_get_selinux_context</function> will |
| retrieve the SELinux security context (label) of the process.</para> |
| |
| <para><function>sd_bus_creds_get_audit_session_id</function> will |
| retrieve the audit session identifier of the process.</para> |
| |
| <para><function>sd_bus_creds_get_audit_login_uid</function> will |
| retrieve the audit user login identifier (the identifier of the |
| user who is "responsible" for the session).</para> |
| |
| <para><function>sd_bus_creds_get_unique_name</function> will |
| retrieve the D-Bus unique name. See <ulink |
| url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The |
| D-Bus specification</ulink>.</para> |
| |
| <para><function>sd_bus_creds_get_well_known_names</function> will |
| retrieve the set of D-Bus well-known names. See <ulink |
| url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The |
| D-Bus specification</ulink>.</para> |
| |
| <para>All functions that take a <parameter>const |
| char**</parameter> parameter will store the answer there as an |
| address of a NUL-terminated string. It will be valid as long as |
| <parameter>c</parameter> remains valid, and should not be freed or |
| modified by the caller.</para> |
| |
| <para>All functions that take a <parameter>char***</parameter> |
| parameter will store the answer there as an address of a an array |
| of strings. Each invidividual string is NUL-terminated, and the |
| array is NULL-terminated as a whole. It will be valid as long as |
| <parameter>c</parameter> remains valid, and should not be freed or |
| modified by the caller.</para> |
| </refsect1> |
| |
| <refsect1> |
| <title>Return Value</title> |
| |
| <para>On success, these calls return 0 or a positive integer. On |
| failure, these calls return a negative errno-style error code. |
| </para> |
| </refsect1> |
| |
| <refsect1> |
| <title>Errors</title> |
| |
| <para>Returned errors may indicate the following problems:</para> |
| |
| <variablelist> |
| <varlistentry> |
| <term><varname>-ENODATA</varname></term> |
| |
| <listitem><para>Given field is not available in |
| <parameter>c</parameter>.</para> |
| </listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>-ENOENT</varname></term> |
| |
| <listitem><para>Given field is not specified for the sender. |
| This will be returned by <function>sd_bus_get_unit</function>, |
| <function>sd_bus_get_user_unit</function>, |
| <function>sd_bus_get_slice</function>, |
| <function>sd_bus_get_session</function>, and |
| <function>sd_bus_get_owner_uid</function> if the sender is not |
| part of a systemd system unit, systemd user unit, systemd |
| slice, logind session, or a systemd user session.</para> |
| </listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>-ENXIO</varname></term> |
| |
| <listitem><para>An error occured in parsing cgroup paths. |
| <filename>libsystemd</filename> might be out of sync with |
| the running systemd version.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>-EINVAL</varname></term> |
| |
| <listitem><para>Specified pointer parameter is <constant>NULL</constant>. |
| </para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>-ENOMEM</varname></term> |
| |
| <listitem><para>Memory allocation failed.</para></listitem> |
| </varlistentry> |
| </variablelist> |
| </refsect1> |
| |
| <refsect1> |
| <title>Notes</title> |
| |
| <para><function>sd_bus_open_user()</function> and other functions |
| described here are available as a shared library, which can be |
| compiled and linked to with the |
| <constant>libsystemd</constant> <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry> |
| file.</para> |
| </refsect1> |
| |
| <refsect1> |
| <title>See Also</title> |
| |
| <para> |
| <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>, |
| <citerefentry project='man-pages'><refentrytitle>credentials</refentrytitle><manvolnum>7</manvolnum></citerefentry>, |
| <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
| <citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>systemd.journald-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> |
| </para> |
| </refsect1> |
| |
| </refentry> |